EUVD-2026-29870

Linux ksmbd contains a remote memory corruption vulnerability in the ACL inheritance path that allows remote clients with directory creation permissions to trigger a heap out-of-bounds read and subsequent heap corruption by setting a crafted DACL with a malformed SID containing an inflated...

CVE-2026-8449

...

CVE-2026-8449

This CVE ID has been rejected or withdrawn...

CVE-2026-8449

Affects Linux ksmbd. A remote memory corruption flaw in the ACL inheritance path allows remote clients with directory-creation permissions to trigger a heap out-of-bounds read and subsequent heap corruption by crafting a Malformed SID in a DACL. Exploitation can cause kernel instability and denia...

PT-2026-40453

Name of the Vulnerable Software and Affected Versions Linux ksmbd affected versions not specified Description A remote memory corruption issue exists in the ACL inheritance path. Remote clients with directory creation permissions can trigger a heap out-of-bounds read and subsequent heap corruptio...

ksmbd 缓冲区错误漏洞

ksmbd is an open-source CIFS/SMB3 server created by Namjae Jeon for the Linux kernel. It implements the SMB/CIFS protocol within the kernel space, used for sharing files and IPC services over a network. ksmbd has a buffer error vulnerability, which stems from remote memory corruption in the ACL...

EUVD-2026-26515

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

EUVD-2003-1565

Malware in sbrugna...

EUVD-2016-3124

Malware in sbrugna...

CVE-2003-1575

VERITAS File System VxFS 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissio...

MGASA-2020-0058 Updated samba packages fix security vulnerabilities

The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers CVE-2019-14902. When processing untrusted string input Samba can read past the end of the allocated buffer when printing a...

Updated samba packages fix security vulnerabilities

The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers CVE-2019-14902. When processing untrusted string input Samba can read past the end of the allocated buffer when printing a...

FreeBSD : samba -- multiple vulnerabilities (5f0dd349-40a2-11ea-8d8c-005056a311d1)

The Samba Team reports : CVE-2019-14902 The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers. CVE-2019-14907 When processing untrusted string input Samba can read past the end of t...

Samba 4.x < 4.9.18 / 4.10.x < 4.10.12 / 4.11.x < 4.11.5 Multiple Vulnerabilities

The version of Samba running on the remote host is 4.x prior to 4.9.18, 4.10.x prior to 4.10.12, or 4.11.x prior to 4.11.5. It is, therefore, affected by multiple vulnerabilities: - An issue exists with ACL inheritance due to added or removed delegated rights not being inherited across domain...

USN-4244-1 samba vulnerabilities

It was discovered that Samba did not automatically replicate ACLs set to inherit down a subtree on AD Directory, contrary to expectations. This issue was only addressed in Ubuntu 18.04 LTS, Ubuntu 19.04 and Ubuntu 19.10. CVE-2019-14902 Robert Święcki discovered that Samba incorrectly handled...

CVE-2016-2016

Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user:...

CVE-2016-2016

Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user:...

Design/Logic Flaw

Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user:...

CVE-2016-2016

CVE-2016-2016 affects HP-UX 11iv3 with Base-VxFS 5.0/5.0.1/5.1SP1. The issue is in VxFS ACL inheritance where default:class:, default:other:, and default:user: entries can be bypassed via configuration of a parent directory, allowing local users to bypass intended access restrictions. Vulnerable ...

CVE-2016-2016

Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and default:user:...